The data is your concern. None of the data that you care about should live on the kiosk box, ever.

The usual way of dealing with this is to have the kiosk box be a web browser and nothing else. When the kiosk boots, it automatically starts a web browser. If someone exits out of the browser, there's a minimal windowing environment that can't do anything else but restart the web browser.

The web browser points to a web server that you control. The web server has your code and it is written well and securely so that data leaks can't happen. The database lives on a box separate from the web server and only the web server can talk to it.

How exactly do you envision data theft?

HTH,

Hugh

Ahmed Kamal wrote:
oh! No, the hardware is *not* my concern. It's the data! Let me quickly
recap. Let's try points this time

- The Linux system I build will be on someone else's network (mostly other
potentially hostile companies)
- The system provides a web interface to a database that users should access
& use
- The users should not be able to steal/mount the disk, to dump my database
or look at my code
- I know such setup will never be 100% secure, I just need to make stealing
the data as hard as possible

Hope that's clear. I apologize if I was not too clear earlier

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
rhelv5-list mailing list
rhelv5-list@redhat.com
https://www.redhat.com/mailman/listinfo/rhelv5-list

Reply via email to